| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Change-Id: I9774dbec91b397d291d8f7f9bf96bbb75fc2baad
Reviewed-on: https://gerrit.libreoffice.org/42298
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Michael Stahl <mstahl@redhat.com>
|
|
Before the gbuild conversion in commit
ec6af4194e80f5f0b2e46ca59802ff397a2a4a24 (convert libxmlsec to gbuild,
2012-11-29) the makefile.mk had a comment for this patch: "Disable use
of smime3 so don't need to package it".
Today smime3 is packaged (see external/nss/ExternalPackage_nss.mk), so
patching xmlsec is no longer needed.
Change-Id: I73ec13ee92a1860f5dc3cbeed0e51d42a0320baa
Reviewed-on: https://gerrit.libreoffice.org/38239
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
This flag does exactly what we need since xmlsec-1.2.24.
Change-Id: I3ae052d4bfe564c3234aef2511ef82ebdb452ebe
Reviewed-on: https://gerrit.libreoffice.org/37700
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Upstream changes interesting for us:
- Added ECDSA-SHA1, ECDSA-SHA256, ECDSA-SHA512 support for xmlsec-nss,
so we can drop 2 patches
- Fixed XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS handling, which
allows dropping xmlsec1-noverify.patch.1 in the future
Also backport a patch from xmlsec master that fixes signature creation
on Windows (the release regressed in this regard).
Change-Id: I2c14328283bf7d4f8af5595ea4c1efc29ee81f9e
|
|
This was added in commit ebd1b95bb5f9235d1dba1b840fd746c9b53320d2
(INTEGRATION: CWS xmlsec08 (1.1.2); FILE ADDED, 2005-03-10). According
to CWS history it was introduced in the 1.1.2.1 part, without any
further comments.
Before the gbuild conversion in commit
ec6af4194e80f5f0b2e46ca59802ff397a2a4a24 (convert libxmlsec to gbuild,
2012-11-29) the makefile.mk had a comment for this patch: "Dubious, do
we still need this ?".
My best guess is that this was added as part of some effort to do ODF
encryption (not just signing) in xmlsecurity, but code for that on the
xmlsecurity part is already removed.
Change-Id: I3a5f1fedd7ce10b8b874bb8a3c9e6260213fbd8f
Reviewed-on: https://gerrit.libreoffice.org/37261
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
NSS already supported ECDSA, and LibreOffice itself is agnostic here.
All what was missing is the ECDSA wrapper in xmlsec's nss backend.
Change-Id: Ic26cef369d0f4a1847b6a76825b9464837fe8f3b
Reviewed-on: https://gerrit.libreoffice.org/34966
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
One from the two patches do not apply anymore. Remove both of them for
now.
Change-Id: I8e06cc28810a9dac13054282a630b0e9b716af86
Reviewed-on: https://gerrit.libreoffice.org/30924
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Obsoletes xmlsec1-win32-fix-undeclared.patch.1.
Change-Id: I11cd52aebbe5ab224de9ab00b74c02abb46296f6
Reviewed-on: https://gerrit.libreoffice.org/30539
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
And instead attempt to set up the test environment correctly.
Change-Id: I06c10b96749c0464da8d2dd9a59b48f16baeead5
Reviewed-on: https://gerrit.libreoffice.org/27785
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I1dbb6bf57dc78f321e6e6d69b7e573309aff8f48
Reviewed-on: https://gerrit.libreoffice.org/27658
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I4a8365c98eef87274ae1809047fd4ea582102f0b
Reviewed-on: https://gerrit.libreoffice.org/27556
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Upstream used to provide no such one, and it's needed for the macOS
build. Latest upstream release does provide one, no need to patch it.
Change-Id: I2c2350d0e074f58d13fedb0d72888dd24ac41f44
Reviewed-on: https://gerrit.libreoffice.org/27322
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Obsoletes xmlsec1-ooxml.patch.1 and xmlsec1-vs2015.patch.1.
Adds xmlsec1-keyinfo-revert.patch.1 till the LO side is adapted to the
new xmlsec requirements.
Change-Id: I1a46ad8fd7e9c8b4fa7a97591a1d90922969393d
Reviewed-on: https://gerrit.libreoffice.org/24403
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I1a6201a21cdf3a42475487a42cd80d11cd5e42b6
Reviewed-on: https://gerrit.libreoffice.org/24253
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Obsoletes xmlsec1-update-config.guess.patch.1.
Also update xmlsec1-ooxml.patch.1 as it was upstreamed at the end (with
improved error checks, etc), which wasn't possible before without loads
of conflicts.
Change-Id: I6fee428f73f8908289d87cc262ad323ec62e65cf
Reviewed-on: https://gerrit.libreoffice.org/24032
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Obsoletes our xmlsec1-1.2.14-ansi.patch.1 and xmlsec1-android.patch.1.
Change-Id: Ic6499b1a79e3f5a6d94beb62c0c338789c782c86
Reviewed-on: https://gerrit.libreoffice.org/23844
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
So we can drop xmlsec1-configure-libxml-libxslt.patch.1, as upstream
commit be72c468dfd3165105ed5cdc949493332c4d3064 (fixed configure issue
with emapty --with-libxml/libxsl and config scripts in /bin directory,
2010-07-19) fixes the same problem.
Change-Id: Ibb01fb2c5e4074d39168df487180fa88c7bb8035
Reviewed-on: https://gerrit.libreoffice.org/23498
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
The primary benefit is that this release supports sha256 out of the box,
so we can drop xmlsec1-nss-sha256.patch.1 and
xmlsec1-mscrypto-sha256.patch.1.
Change-Id: I78606c02591ac8ae7e347b0faa510ae2483e3183
Reviewed-on: https://gerrit.libreoffice.org/23096
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
That was the situation before commit
ec6af4194e80f5f0b2e46ca59802ff397a2a4a24 (convert libxmlsec to gbuild,
2012-11-29), and if we ever manage to upstream this patch, then it'll
just make the review process harder if half of the patch is in separate
files.
Change-Id: I0d12d72ea7a1a2591d1ef5232c006b6b7fea7aff
Reviewed-on: https://gerrit.libreoffice.org/22973
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I45519896d745bcc4162d655746585051d47b732d
|
|
I assume this was needed for the Linux baseline. CentOS 6 has libxml
2.7.6, patch is needed for < 2.7.4. (CentOS 5 had 2.6.26, that is only
used on libreoffice-5-0).
Change-Id: Iae2edbf4f0d484944e399bd901d35a8260272700
Reviewed-on: https://gerrit.libreoffice.org/22659
Reviewed-by: Michael Stahl <mstahl@redhat.com>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
The only tricky part is PROV_RSA_FULL -> PROV_RSA_AES, otherwise SHA-256
is not recognized as a valid algo. MSDN documentation for PROV_RSA_FULL
at
<https://msdn.microsoft.com/en-us/library/windows/desktop/aa387448%28v=vs.85%29.aspx>
and PROV_RSA_AES at
<https://msdn.microsoft.com/en-us/library/windows/desktop/aa387447%28v=vs.85%29.aspx>
say that AES is a superset of full, so should be no
backwards-compatibility issue. I tested this on Windows 7, but according
to the documentation, it should be no problem on Windows XP, either --
provided that the latest SP is installed.
Change-Id: I3ae196679c2cbf0e9e55fab10584d9c46a480659
|
|
This way we do not abort a signature verification when we see a
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
XML node. Note that this just extends the glue layer, both NSS and
libxmlsec itself already supported SHA-256 already.
Change-Id: I68de99578b839bd7eaa8f21af903aa924c892799
|
|
The transform itself doesn't do anything so far, but the verification is
no longer aborted just because we see a transform that we don't know.
Change-Id: Ife89157067f3af3326896df3053065c8302795d1
|
|
Change-Id: I4b31729481b7fd538483db5b6e39e1d80e03b3b6
|
|
Change-Id: I1bcdd01aad7fc2ee2d2f635b0ae4c4183c9ab092
Reviewed-on: https://gerrit.libreoffice.org/6571
Reviewed-by: David Tardon <dtardon@redhat.com>
Tested-by: David Tardon <dtardon@redhat.com>
|
